With Active Directory, a user is required to change their password on next login if the pwdLastSet attribute on their account is set to zero. It would be nice to redirect the user to a form where they can change their password if they try to login under this scenario. On Keycloak 1.4 it seems that the application currently just displays a login error when this is the case. Any thoughts on this or can I go ahead and create an issue and try to implement this change?

Thanks,

Cory Snyder